PDF.js Vulnerability?

mtrg

There's a new RCE vulnerability reported for PDF.js... Is Zotero affected by this?

https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4367

martynas_b

No, our PDF.js build isn’t affected at all because our reader doesn’t support executing JavaScript in PDF files.

https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq